| From: | "Tefft, Michael J" <Michael(dot)J(dot)Tefft(at)snapon(dot)com> |
|---|---|
| To: | "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Removing the default grant of EXECUTE on functions/procedures to PUBLIC |
| Date: | 2024-07-05 14:45:11 |
| Message-ID: | BN8PR04MB6289E694A40BE7DF913754A1D0DF2@BN8PR04MB6289.namprd04.prod.outlook.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
I am trying to remove the default grant of EXECUTE on all functions/procedures to PUBLIC.
From my reading, there is no straightforward way to do this. For example,
ALTER DEFAULT PRIVILEGES REVOKE EXECUTE ON FUNCTIONS FROM PUBLIC;
Does not apply this across the entire cluster (or database) but only applies to the role who issued it (and objects yet to be created by that role) .
So I am arriving at the conclusion that I need to alter the default privileges for every existing role (which I expected), and ensure that default privileges are altered for every new role that is created going forward.
Have I analyzed this correctly?
Thanks,
Mike Tefft
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G. Johnston | 2024-07-05 14:49:34 | Re: Removing the default grant of EXECUTE on functions/procedures to PUBLIC |
| Previous Message | Krishnakant Mane | 2024-07-05 13:28:21 | confused about material view locks please explain |